Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WYThiOWbYEaxTB5RfBrjxAn-Ia8.roa
File: WYThiOWbYEaxTB5RfBrjxAn-Ia8.roa (raw, json)
Hash identifier: 1o0USgM5Y2wzqMg+xs2s44oWl7k3biBSXjVEk7f6Qto=
Subject key identifier: 59:84:E1:88:E5:9B:60:46:B1:4C:1E:51:7C:1A:E3:C4:09:FE:21:AF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CAF907BBC1091659BB3511254943E2EA8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WYThiOWbYEaxTB5RfBrjxAn-Ia8.roa
Signing time: Thu 28 Dec 2023 08:35:30 +0000
ROA not before: Thu 28 Dec 2023 08:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54252
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.61.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
88.216.92.0/23 maxlen: 24
84.32.20.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:90:7b:bc:10:91:65:9b:b3:51:12:54:94:3e:2e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 28 08:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5984e188e59b6046b14c1e517c1ae3c409fe21af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:50:f4:b1:19:20:f2:5b:fa:5e:81:e2:6b:
c4:eb:5d:ee:d3:de:86:0b:05:ed:fe:a6:86:84:3b:
80:34:9f:fc:72:94:37:ba:eb:f4:87:84:a3:f1:bd:
3d:6c:bf:c5:92:c4:f2:a1:d0:0d:e3:40:f4:98:ab:
ac:cf:01:ef:46:1d:7b:b4:4f:34:ac:fc:e6:01:2b:
d6:8b:27:1e:b9:b7:65:2f:31:1c:4a:4f:77:9c:63:
f7:ef:f9:2c:e1:17:82:02:ee:33:1f:c0:83:43:7f:
8a:d5:c5:54:63:0e:ec:cf:03:2a:50:00:38:6d:37:
ec:8e:fc:6e:09:60:a3:49:a8:c9:71:4b:6e:df:cd:
bd:75:ca:2e:01:f4:56:d8:1f:00:60:81:e8:05:91:
ec:d9:47:bd:29:40:12:d6:76:83:63:31:48:e4:1d:
a1:c3:f7:c5:f9:b6:05:05:3c:76:3b:d0:47:10:b8:
c1:01:9c:96:b9:17:33:04:01:6a:d7:16:0f:60:5f:
52:8b:91:9e:3b:be:9c:fa:01:2c:ab:21:7a:9d:6f:
99:7b:42:2a:0b:37:4e:f0:7e:13:e7:a3:75:89:17:
5b:c0:5f:7d:b3:78:f6:8d:3b:09:2e:64:44:fe:bd:
d2:93:33:31:1b:e1:c3:da:65:66:c8:88:b9:bd:dc:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:84:E1:88:E5:9B:60:46:B1:4C:1E:51:7C:1A:E3:C4:09:FE:21:AF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WYThiOWbYEaxTB5RfBrjxAn-Ia8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/24
84.32.58.0/24
84.32.60.0/23
84.32.64.0/24
88.216.36.0/24
88.216.92.0/23
Signature Algorithm: sha256WithRSAEncryption
16:82:42:27:52:2d:ab:c8:b3:ca:12:06:ec:36:55:e1:df:49:
df:98:37:c6:aa:7c:7c:3d:fa:41:0d:fa:a9:d8:88:e6:37:f4:
74:c4:e4:ce:46:cf:b3:ea:55:c7:60:bb:1f:93:6a:8e:a2:d2:
1f:f1:59:30:d5:0f:5f:21:03:9b:d3:94:bd:f1:e9:a4:71:67:
ac:69:cc:42:ec:52:61:9f:f5:6d:50:99:5b:5d:a9:b1:09:56:
9f:0d:6a:6b:e2:b1:5a:b1:56:d9:b0:0a:f7:0e:08:9b:6a:76:
99:98:f2:64:34:2d:4e:34:be:50:9c:fe:52:17:21:f0:1b:69:
05:82:54:38:c9:e7:4e:30:71:a0:a9:1d:1a:09:fe:71:b7:ce:
9d:38:6a:cc:35:66:96:f1:e5:22:44:00:29:71:e9:e4:33:97:
d2:eb:68:27:da:28:27:b0:bf:69:bf:02:04:ba:28:3a:ba:21:
69:c8:32:9c:65:f3:2d:3b:0f:52:c6:14:ed:ea:01:48:98:69:
76:87:32:da:92:dd:aa:dc:9c:45:12:f9:19:4c:19:4c:79:43:
7d:45:43:84:26:e5:50:39:72:d5:4c:c8:7c:dc:bf:9e:99:ad:
9f:f0:90:96:6d:14:e1:4a:4d:48:2d:9a:5e:85:e3:fb:ef:16:
87:5c:7e:1a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYyvkHu8EJFlm7NRElSUPi6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjI4MDgzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTg0ZTE4OGU1OWI2MDQ2YjE0YzFlNTE3YzFhZTNjNDA5ZmUyMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyJQ9LEZIPJb+l6B4mvE613u096G
CwXt/qaGhDuANJ/8cpQ3uuv0h4Sj8b09bL/FksTyodAN40D0mKuszwHvRh17tE80
rPzmASvWiyceubdlLzEcSk93nGP37/ks4ReCAu4zH8CDQ3+K1cVUYw7szwMqUAA4
bTfsjvxuCWCjSajJcUtu3829dcouAfRW2B8AYIHoBZHs2Ue9KUAS1naDYzFI5B2h
w/fF+bYFBTx2O9BHELjBAZyWuRczBAFq1xYPYF9Si5GeO76c+gEsqyF6nW+Ze0Iq
CzdO8H4T56N1iRdbwF99s3j2jTsJLmRE/r3SkzMxG+HD2mVmyIi5vdx2twIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFmE4Yjlm2BGsUweUXwa48QJ/iGvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvV1lUaGlPV2JZRWF4VEI1UmZCcmp4QW4tSWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAUAwQA
VCA6AwQBVCA8AwQAVCBAAwQAWNgkAwQBWNhcMA0GCSqGSIb3DQEBCwUAA4IBAQAW
gkInUi2ryLPKEgbsNlXh30nfmDfGqnx8PfpBDfqp2IjmN/R0xOTORs+z6lXHYLsf
k2qOotIf8Vkw1Q9fIQOb05S98emkcWesacxC7FJhn/VtUJlbXamxCVafDWpr4rFa
sVbZsAr3DgibanaZmPJkNC1ONL5QnP5SFyHwG2kFglQ4yedOMHGgqR0aCf5xt86d
OGrMNWaW8eUiRAApcenkM5fS62gn2ignsL9pvwIEuig6uiFpyDKcZfMtOw9SxhTt
6gFImGl2hzLakt2q3JxFEvkZTBlMeUN9RUOEJuVQOXLVTMh83L+ema2f8JCWbRTh
Sk1ILZpeheP77xaHXH4a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org